CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage

The root cause analysis conducted by external vendors has revealed an interprocess communication (IPC) template type error.

Advertisement
Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 7 August 2024 16:05 IST
Highlights
  • CrowdStrike did not name the vendors performing the external review
  • The CrowdStrike outage occurred on July 19
  • The outage affected Windows laptops and desktops globally
CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage

Microsoft services such as Office 365 and Azure were affected during the CrowdStrike outage

Photo Credit: Unsplash/Windows

CrowdStrike, the US-based cybersecurity firm, caused a global outage on July 19 after an update resulted in Windows laptops and desktops crashing and getting stuck in a boot loop. The outage lasted multiple hours affecting different sectors including airlines, healthcare, IT, and more. After fixing the issue, the company published a post-incident report highlighting that its artificial intelligence (AI) system dubbed 'Falcon sensor' caused an error. Now, the company has published a detailed report after conducting an external review to highlight what exactly went wrong.

CrowdStrike Publishes External Review Report

In a report titled ‘External Technical Root Cause Analysis — Channel File 291', the cybersecurity firm said it found that the Falcon sensor deployed an erroneous template type string which affected Windows interprocess communication (IPC) mechanisms.

As per CrowdStrike, Falcon runs machine-learning models that automatically identify and remediate the latest and advanced threats from bad actors. Right before the July 19 outage, the detection functionality pushed a new “template type” to millions of computers of customers' Falcon installations in version 7.11.

However, this is where things went wrong. The report highlighted that the IPC template type had defined 21 input parameter fields but “the integration code that invoked the Content Interpreter with Channel File 291's Template Instances supplied only 20 input values to match against.” This mismatch is usually not a concern since so far the AI system has never picked an input outside the given 20.

Advertisement

But on that day, the sensor asked to inspect template type 21. Since there was no corresponding integration code relating to it, the attempt to access the 21st input parameter created an out-of-bounds memory error and resulted in a system crash.

Highlighting steps for mitigation, the report claimed that CrowdStrike developed a patch for the Sensor Content Compiler that validates the number of inputs provided by a Template Type. This went into production on July 27. The firm said that it has also focused on increased testing and validation before pushing an update. Further, it has also stated that all future updates will be rolled out in a phased manner to minimise any potential error.

Advertisement

Notably, no details about the external vendors who conducted the review were provided.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: CrowdStrike, Microsoft Hub, Laptops
Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus 13s Launched in India: Know Price, Specifications and More
  2. OnePlus 13s Review
  3. OnePlus Pad 3 With 12,140mAh Battery Launched in India: Check Features
  4. Poco F7 Launch Timeline, Key Specifications Leaked Ahead of Debut
  5. Oppo Teases Launch of New Smartphone in India; Could Be Reno 14
  6. Nintendo Switch 2 Debuts With Joy-Con 2 Controllers: Price, Features
  7. OnePlus 13s vs iQOO 13: Price in India, Specifications Compared
  8. Redmi Pad 2 to Launch in India on This Date
  9. OpenAI's ChatGPT Now Has a Record Mode and Can Connect to Gmail, Outlook
  10. Tecno Pova Curve 5G First Sale Starts Today in India: See Offers
  1. Nothing Headphone 1 Launch Date Set for July 1, to Arrive Alongside Nothing Phone 3
  2. Ethereum Foundation Announces Overhauled Treasury Strategy Amid Scaling Push
  3. Google DeepMind’s Demis Hassabis Wants to Build AI Email Assistant That Can Reply in Your Style: Report
  4. Starlink Reportedly Nears India Launch With DoT Approval for GMPCS License Expected Soon
  5. Oppo Confirms Arrival of New Smartphone in India; Could Be the Reno 14
  6. Redmi Pad 2 India Launch Date Set for June 18; Design, Colour Options Teased
  7. Xiaomi Smart Band 10 Leaked Images Suggests a Familiar Design; Specifications Tipped
  8. OnePlus Pad 3 With Snapdragon 8 Elite SoC, 12,140mAh Battery Launched in India: Specifications
  9. Nintendo Switch 2 Launches With 7.9-Inch LCD Display, Joy-Con 2 Controllers
  10. Pixel 10 Series Colour Options Tipped; Google Could Drop Iconic Hues
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.